13 matches found
CVE-2026-3345
IBM Langflow Desktop API v2 File Upload Endpoint (POST /api/v2/files) is vulnerable to a path traversal due to improper validation/sanitation of user-supplied filenames passed to LocalStorageService, allowing authenticated attackers to write files outside the intended upload directory and potenti...
MAL-2026-1855 Malicious code in ssf-desktop-api-specification (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0b483f1c94deb76e7655d38cf4abdc31f984c39ed008ad293ea7614387704d3 The package ssf-desktop-api-specification was found to contain malicious code...
Malicious code in ssf-desktop-api-specification (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0b483f1c94deb76e7655d38cf4abdc31f984c39ed008ad293ea7614387704d3 The package ssf-desktop-api-specification was found to contain malicious code...
MAL-2026-1854 Malicious code in ssf-desktop-api-electron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49396220b88ccf03b280b2ccbf09f84a3c871d1877ca7db06fd0e3fb78221305 The package ssf-desktop-api-electron was found to contain malicious code...
Malicious code in ssf-desktop-api-electron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49396220b88ccf03b280b2ccbf09f84a3c871d1877ca7db06fd0e3fb78221305 The package ssf-desktop-api-electron was found to contain malicious code...
MAL-2025-192359 Malicious code in ssf-desktop-api-browser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5940c26ac6aa2f9c3682f4d383922757d2d5c361b5a70140ca289eabe304be8d The package ssf-desktop-api-browser was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-201555
Malicious code in ssf-desktop-api-browser npm...
EUVD-2025-201562
Malicious code in ssf-desktop-api-openfin npm...
MAL-2025-192360 Malicious code in ssf-desktop-api-openfin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367b2689b7d50c48e26747ef1edce3a36165d64fd361ad3fc19f1c52fce204f9 The package ssf-desktop-api-openfin was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ssf-desktop-api-openfin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 367b2689b7d50c48e26747ef1edce3a36165d64fd361ad3fc19f1c52fce204f9 The package ssf-desktop-api-openfin was found to contain malicious code. Source: ossf-package-analysis...
CVE-2012-0549
Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API...
Design/Logic Flaw
Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API...
CVE-2012-0549
Unspecified vulnerability in the Oracle AutoVue Office component in Oracle Supply Chain Products Suite 20.1.1 allows remote attackers to affect confidentiality, integrity, and availability, related to Desktop API...